<?php
	if((isset($_REQUEST['cboCustomer'])) && ctype_digit($_REQUEST['cboCustomer']) )
		$cboCustomer = $_REQUEST['cboCustomer'];
	else{
		array_push($ActionResults, "Please enter Customer.");
		$intFailed++;
	}
	
	if(isset($_REQUEST['txtNote']))
		$txtNote = mysql_escape_string($_REQUEST['txtNote']);
	else{
		array_push($ActionResults, "Please enter Note.");
		$intFailed++;
	}
	//echo $intCustomerNotesID;
	//UploadedDocument
     if($cboUploadedDocument == 1) {
         if(!$txtUploadedDocument) {
             array_push($ActionResults, "Your document was not attached.");
             return(FALSE);
         }
     }

     if($intFailed > 0){
         return(FALSE);
     }

     if ($intCustomerNotesID){
        $strSQL = "Update tblCustomerNotes
                     SET  tblCustomerNotes.Note =  '$txtNote updated by Staff ID : $cboStaff'
                         , tblCustomerNotes.UploadedDocument =  '$txtUploadedDocument'"; 
        $strJoin = " WHERE ";
        $strSQL .= $strJoin."tblCustomerNotes.ID =  '$intCustomerNotesID'";

        $strMessage = " Updated";
    }Else{

        $strSQL = "INSERT INTO tblCustomerNotes
                     (     tblCustomerNotes.Customer
                         , tblCustomerNotes.Note
                         , tblCustomerNotes.TimeStamp
                         , tblCustomerNotes.Staff
                         , tblCustomerNotes.UploadedDocument
                     )Values( '".$cboCustomer."'
                         , '".htmlspecialchars($txtNote, ENT_NOQUOTES)."'
                         , now()
                         , '".$_SESSION['sesStaffID']."'
                         , '".$txtUploadedDocument."'
                       )";

        $strMessage = "added";

    }
    $strSQL .= ";";	   
	//echo "<br />".$strSQL."<br />";

         if (!include (MODULE . "/action/actMySqlResults")){
             array_push($ActionResults,"Failed To Add Customer Notes To Database");
             return(false);
         }
     if (!$intCustomerNotesID){
         $intCustomerNotesID = mysql_insert_id();
     }

     if(!$cboUploadedDocument == 1) {
     }else{
         if(!copy($txtUploadedDocument,"./images/product/product".$intCustomerNotesID."_$txtUploadedDocument_name")){
             array_push($ActionResults,"Failed To Add CustomerNotes To Database");
             return(false);
         }
     
     $strSQL = "Update tblCustomerNotes
                 SET tblCustomerNotes.UploadedDocument = 'product".$intCustomerNotesID."_$txtUploadedDocument_name'
                 WHERE
                 tblCustomerNotes.ID = ".$intCustomerNotesID;
     include (MODULE . "/action/actMySqlResults");
     unlink($txtUploadedDocument);
     }
?>
